PKIX path building failed:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0521761
check server cert returned
openssl s_client -connect IP:port -status -showcerts </dev/null
For new root CA:
Create protocol profile
add root CA certificate(subca2001)
addpk12 signed by above rootCA
link protocol profile with pk12
reassocated protocol porfile with mtls rest end point
https://stackoverflow.com/questions/11799733/received-fatal-alert-bad-certificate
Received fatal alert: bad_certificate
check openssl s_client -connect IP:port -status -showcerts </dev/null
acceptable client CA
its likely sever rejects client pk12 u present becaue CA signed pk12 is not in the acceptable client ca
No comments:
Post a Comment